package com.tycmc.signelectroniccontracts.tools.net.tools;

import android.content.Context;

import com.tycmc.signelectroniccontracts.tools.show.LogShow;

import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;

import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

import okhttp3.OkHttpClient;

public class SSLTool {
    public static OkHttpClient getSslClient(Context context, OkHttpClient.Builder builder) {
        try {
            InputStream trustKey = context.getAssets().open("sign/rootkomatsu.cer");
            InputStream clientKeyP12 = context.getAssets().open("sign/Sign.p12");
//            InputStream trustKey = context.getAssets().open("server1.cer");
//            InputStream clientKeyP12 = context.getAssets().open("client.p12");
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            SSLContext sslContext = SSLContext.getInstance("TLS");
//            KeyStore trustStore = KeyStore.getInstance("PKCS12");
            KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
            trustStore.load(null);
//                trustStore.load(trustKey, trustPassword.toCharArray());
            trustStore.setCertificateEntry("komatsu", certificateFactory.generateCertificate(trustKey));
            if (trustKey != null) {
                trustKey.close();
            }
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(clientKeyP12, "11111111".toCharArray());

            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore);
//            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            TrustManager[] trustManagers = SSLSocketClient.getTrustManager();
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, "11111111".toCharArray());
            sslContext.init(keyManagerFactory.getKeyManagers(), trustManagers, new SecureRandom());
//            sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
            if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
//                return builder.build();
//                throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(trustManagers));
                builder = builder.sslSocketFactory(sslContext.getSocketFactory());
            } else {
                X509TrustManager trustManager = (X509TrustManager) trustManagers[0];
                builder = builder.sslSocketFactory(sslContext.getSocketFactory(), trustManager);

            }


            builder.followRedirects(false)
                    .followSslRedirects(false)
                    .hostnameVerifier(new HostnameVerifier() {
                        @Override
                        public boolean verify(String hostname, SSLSession session) {
                            LogShow.i("verify", hostname + "===");

                            return true;
                        }
                    });


        } catch (Exception e)

        {
            e.printStackTrace();

        }
        return builder.build();

    }

    public static SSLSocketFactory getSSLSocketFactory(Context context){
        try {
            InputStream trustKey = context.getAssets().open("sign/rootkomatsu.cer");
            InputStream clientKeyP12 = context.getAssets().open("sign/Sign.p12");
//            InputStream trustKey = context.getAssets().open("server1.cer");
//            InputStream clientKeyP12 = context.getAssets().open("client.p12");
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            SSLContext sslContext = SSLContext.getInstance("TLS");
//            KeyStore trustStore = KeyStore.getInstance("PKCS12");
            KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
            trustStore.load(null);
//                trustStore.load(trustKey, trustPassword.toCharArray());
            trustStore.setCertificateEntry("komatsu", certificateFactory.generateCertificate(trustKey));
            if (trustKey != null) {
                trustKey.close();
            }
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(clientKeyP12, "11111111".toCharArray());

            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(trustStore);
//            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            TrustManager[] trustManagers = SSLSocketClient.getTrustManager();
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, "11111111".toCharArray());
            sslContext.init(keyManagerFactory.getKeyManagers(), trustManagers, new SecureRandom());
//            sslContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
            return sslContext.getSocketFactory();
        } catch (Exception e)

        {
            e.printStackTrace();

        }
        return null;
    }


}
